How to get started in regulatory compliance

I had a search query about getting started in regulatory compliance, which I’ve written about before, but more from an organizational perspective. That won’t help you much from a career perspective.

I think most any CISSP will answer that question similarly, so I’ll take a stab at it.

Using antivirus to deliver a virus

A coworker tipped me off the other day to how it’s possible to use a certain major-brand antivirus to infect a computer. “I didn’t have admin rights,” I overheard him explaining, “so I got them with [redacted] antivirus.”

My head spun around violently. “You did what?”

“Google ‘confused deputy persistence,’” he deadpanned. “It’s the first result.” Then he went back to explaining the problem at hand.

Rooting: Just do it.

Rooting is a confusing term to Android newcomers, but it’s really simple: It’s gaining administrative rights, just like you have on a Windows PC. It’s nothing particularly nefarious.

The difference is that it’s not quite as straightforward with Android.

The trouble with routers

I see the advice going around, again, to disable the Windows firewall and rely on an external router, the justification being that it makes your computer “invisible.” It doesn’t. Only IPv6 can do that–and then, only if you don’t use it for anything.

The trouble with that advice is that there are botnets targeting routers. Routers are nothing special; they’re small computers running Linux on an ARM or MIPS CPU, typically outdated versions with old vulnerabilities that can be exploited by someone who knows what to look for. One example of this is the Aidra botnet. Typically Aidra is used to attack outside targets, but it’s not outside the realm of possibility for an infected router to turn on and attack the machines it’s supposed to protect. And if you’ve turned off your firewall, then you have no protection against that.

EMET protects against what your antivirus cannot–and it’s free

A few years ago, Microsoft quietly released a security tool called EMET–the Enhanced Mitigation Experience Toolkit. EMET is now in version 4.0, and it’s probably the best security tool you’ve never heard of. And that’s a real shame.

Modern versions of Windows and modern CPUs include several security-enhancing technologies that aren’t necessarily switched on by default. EMET is a wrapper that forces software to use these technologies, even if they weren’t designed from the get-go to use them. The idea, then, is that if a badly behaving data file tries to exploit a traditional vulnerability in one of these programs, EMET steps in and shuts it down. A real-world example would be if you visit a web page that’s playing a malicious Flash video, or that contains a malicious Acrobat PDF. The malicious data loads, starts to execute, and the minute it misbehaves, EMET slams the browser tab shut. You won’t know right away what happened, but your computer didn’t get infected, either.

Give your antivirus software a workout

Via PC Magazine, I found the AMTSO website, which is designed to test your antivirus software for proper operation. I think this is good for two reasons. One, it gives you a chance to see if antivirus software is operating properly. Two, it gives you a chance to see how your browser and antivirus software behave when something bad is going on.

Deconstructing my conversation with “Computer Maintenance Department”

My tell-all about my encounter with “Computer Maintenance Department” was a little heavy on the jargon yesterday. It occurs to me that explaining what some of the terminology means, and the problem with their reasoning, may be helpful. I’ve also heard a few questions through various channels, and I think those are worth answering.

This “Computer Maintenance Department” sure doesn’t know much about computer maintenance

“Peggy” from “Computer Maintenance Department” (1-645-781-2458 on my caller ID) called again. Lots of people are aware of these phone calls. They call, make vague claims about receiving a report that your computer is running slow and giving you errors, and are very careful not to say who they are or who they work for. Usually I just do whatever I can to get them off the phone.

But after having lunch with some other computer security professionals last week, a couple of them talked me into finding out how these guys operate. So I fired up a PC that turned out to have a real, legitimate issue. After resolving that issue myself, I turned the caller loose on my semi-functional PC so I could see what these scammers actually do. He had me connect to Teamviewer.com and run their remote access software. I followed his instructions, watched him connect, then slyly unplugged my network cable.

When my network connection dropped, “Peggy” quickly transferred me to a “senior technician” who used the name “Roy.”

Antivirus progress

When Microsoft Security Essentials first came out, it was an improvement in antivirus performance. Now, it’s middle of the pack, according to PC Magazine. That’s great. Vendors are finally taking performance seriously.

What that means is that by replacing MSE with F-Secure Anti-Virus 2013, Kaspersky Anti-Virus (2013), Sophos Anti-Virus 10.2, ESET NOD32 Antivirus 6, Norton Antivirus (2013), Avast Free Antivirus 8, or Bitdefender Antivirus Plus 2013, you can speed up your computer. Considering Norton Antivirus was once bottom-of-the-barrel in the performance arena, I see this as a good thing.

Of the bunch, Avast is the only freebie. Though if your ISP offers one of the others as part of your subscription, or you don’t mind paying for antivirus, the others are an option. But maybe, just maybe, if I replace Microsoft Security Essentials with Avast, Peggy will quit calling me at dinnertime and telling me my computer is slow. But I doubt it.

“Computer Maintenance Department” called me again from India

So, “Peggy” from “Computer Maintenance Department” called me again last night. This time I decided to mess with him a bit more. This is the second time.

(No, “Peggy” wasn’t his real name, nor did he identify himself as “Peggy,” but that’s the name I’ll use, thanks to that old Discover commercial.)
